Skip to main content

Privacy Policy

Last updated: June 27, 2026

We built GetBotl on a foundation of trust. This policy explains exactly what data we collect, why we collect it, and how we protect it.

Section 1

Introduction

Pre-Launch Notice: GetBotl is currently in development and pre-launch mode. The platform, mobile app, and delivery services are not yet live. This Privacy Policy is published in advance of our launch to inform users of how their data will be handled when the service becomes available. Information collected through this website (such as waitlist sign-ups) is subject to this policy. Certain features, integrations, and data practices described herein may evolve before and after launch.

GetBotl Inc. ("GetBotl," "we," "our," or "us") operates an on-demand alcohol delivery marketplace that connects verified adult consumers with licensed retail partners in New York State. We take your privacy seriously, and this Privacy Policy describes how we collect, use, disclose, and safeguard information about you when you use our mobile application, website, and related services (collectively, the "Services").

This policy applies to all users of the GetBotl platform, including:

  • Consumers who place orders through the GetBotl app or website
  • Merchant partners who operate retail stores on our platform
  • Visitors to our website at getbotl.com
  • Couriers who fulfill deliveries through our network

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree, please discontinue use of the Services immediately.

Due to the nature of alcohol delivery, some data collection is legally mandated under New York ABC Law and related regulations. We collect only what is necessary to operate a compliant, safe platform.

Section 2

Information We Collect

We collect information in three ways: directly from you, automatically through your use of the Services, and from third-party partners who assist us in operating the platform.

A. Information You Provide Directly

  • Account Registration: When you create a GetBotl account, we collect your full legal name, email address, phone number, and date of birth. This information is required to create your account and verify your eligibility to use our Services.
  • Identity Verification: To comply with New York ABC Law and verify that all users are 21 or older, we collect a photograph of a government-issued identification document and a real-time selfie for liveness detection. This data is processed by our third-party verification partner and is subject to the data handling practices described in Section 4.
  • Payment Information: Payment processing is handled exclusively by Stripe, Inc. GetBotl does not store, access, or retain your credit card number, CVV, or full card details. We receive only a tokenized reference and the last four digits of your card for display purposes.
  • Delivery Address: We collect your delivery address or addresses to facilitate order routing and delivery. You may save multiple addresses to your account.
  • Merchant Application Data: If you apply to list your retail store on GetBotl, we collect your business name, NYSLA license number, business address, primary contact information, and banking details for payment disbursement.
  • Communications: If you contact our support team or submit feedback, we retain records of those communications to resolve your inquiry and improve our Services.

B. Information Collected Automatically

  • Location Data: We collect your precise geographic location while you have the GetBotl app open and an active order session in progress. We do not collect location data in the background. See Section 5 for full details.
  • Device Information: We collect your device type, operating system version, unique device identifiers, and app version to ensure compatibility and diagnose technical issues.
  • Usage Data: We collect information about how you interact with the Services, including pages viewed, features used, search queries, order history, and session duration.
  • IP Address: We log your IP address for security purposes, fraud prevention, and general geographic service availability determination.
  • Log Data: Our servers automatically record technical information including request timestamps, error logs, and referral URLs.

C. Information from Third Parties

  • Identity Verification Providers: We receive verification status results (pass/fail) and confidence scores from our third-party identity verification partner. We do not receive raw ID scans back from them after verification is complete.
  • Payment Processors: Stripe provides us with transaction status, payment method type, and fraud signals associated with transactions processed through our platform.
  • NYSLA License Verification: We query the New York State Liquor Authority public license database to verify and monitor the license status of merchant partners.

Section 3

How We Use Your Information

We use the information we collect for specific, legitimate purposes necessary to operate a safe and compliant alcohol delivery platform. We do not engage in data brokerage or behavioral advertising.

  • Process and fulfill your orders by routing requests to the appropriate licensed retail partner and coordinating delivery through our courier network
  • Verify your age and identity as required by New York ABC Law Section 65 prior to your first order
  • Match your delivery address with licensed stores that serve your area and maintain current inventory
  • Process payments securely through Stripe and manage refunds, disputes, and chargebacks
  • Detect and prevent fraud, identity theft, and abuse of the platform
  • Communicate order status, delivery updates, and account notifications via push notification, SMS, or email
  • Comply with our obligations under NY ABC Law, applicable tax regulations, and other legal requirements
  • Improve the platform through aggregated, anonymized analytics that cannot identify individual users
  • Respond to customer support inquiries and resolve disputes
  • Send promotional communications, if and only if you have opted in (you may opt out at any time)

We do NOT sell your personal data to any third party, data broker, or advertising network. We do NOT use your personal information to serve you third-party advertisements. Your data is used solely to operate the GetBotl platform.

Section 4

Age Verification Data

Age verification data — including government ID images and biometric selfie data — is among the most sensitive information we handle. We apply heightened protections to this data beyond our standard data security practices.

  • 🔒All identity documents and selfie images are encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
  • 🔒ID verification processing is performed by a certified third-party verification partner operating under strict data processing agreements
  • 🔒GetBotl does not store unencrypted copies of government ID documents or facial images on our servers
  • 🔒Verification data is retained for a maximum of 90 days following account closure, after which it is permanently deleted
  • 🔒Age verification data is never sold, shared with advertisers, or used for any purpose other than identity and age confirmation

GetBotl may disclose age verification data to law enforcement or regulatory authorities if required by a valid legal process, including a valid subpoena, court order, or warrant. We will notify you of such requests to the extent permitted by law.

Section 5

Location Data

Precise location data is essential for matching you with nearby licensed stores and coordinating delivery to your address. We have designed our location data practices to be minimal and purposeful.

  • We collect your precise geographic location only when the GetBotl app is open and you have an active order session in progress
  • We do not track your location in the background when the app is closed or when you do not have an active order
  • Location data is used solely for delivery matching — to identify licensed stores that can fulfill your order and to route couriers to your address
  • Precise location data associated with a completed or cancelled order is not retained after the order session ends
  • Your saved delivery addresses (which you enter manually) are stored as account data and are subject to standard account retention policies

You may revoke location permissions at any time through your device settings. Revoking location access will require you to manually enter a delivery address for each order.

Section 6

Data Sharing

GetBotl does not sell your data. We share your information only with the parties necessary to operate the platform and comply with the law, as described below.

  • Licensed Retail Partners: We share your order details (items, quantity, delivery address) with the retail store fulfilling your order. We do not share your full account profile, ID verification data, or payment details with retail partners.
  • Courier Network: We share your delivery address and order details with the courier assigned to your delivery. We do not share your payment information or identity document data with couriers.
  • Payment Processors (Stripe): Payment processing is handled by Stripe, Inc., which is PCI DSS Level 1 certified. Your payment information is governed by Stripe's privacy policy.
  • Identity Verification Providers: Your ID document and selfie data are transmitted to our verification partner for processing under strict data processing agreements. They do not retain your data beyond what is necessary to provide verification services.
  • Law Enforcement: We may disclose information in response to a valid subpoena, court order, warrant, or other legal process. We will seek to notify you unless legally prohibited from doing so.
  • Successors: In the event of a merger, acquisition, or sale of all or substantially all of GetBotl's assets, your data may be transferred to the successor entity. We will provide notice before such a transfer and give you the opportunity to delete your account.

Section 7

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy and to comply with our legal obligations.

  • Active Accounts: Your account data is retained for as long as your account remains active.
  • Closed Accounts: Upon account closure, we anonymize or permanently delete your personal data within 90 days, except where we are required by law to retain it longer.
  • Order Records: Transaction and order records are retained for 7 years from the date of the transaction to comply with tax, accounting, and regulatory requirements.
  • ID Verification Data: Age verification data is retained for a maximum of 90 days following account closure and then permanently deleted.
  • Legal Hold: In cases of active litigation, regulatory investigation, or other legal proceedings, we may retain relevant data for the duration of such proceedings as required by law.

Section 8

Your Rights

Depending on your location, you may have certain rights with respect to your personal information under applicable law, including New York law and, for California residents, the California Consumer Privacy Act (CCPA).

  • Right to Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Correct: You have the right to request correction of inaccurate or incomplete personal information.
  • Right to Delete: You have the right to request deletion of your personal information, subject to our legal retention obligations.
  • Right to Portability: You have the right to receive your personal data in a structured, machine-readable format.
  • Right to Opt Out: You have the right to opt out of non-essential communications, including promotional emails and push notifications.
  • California Residents: California residents have additional rights under the CCPA, including the right to know about the sale of personal information (we do not sell personal information) and the right to non-discrimination for exercising privacy rights.

To exercise any of these rights, contact us at privacy@getbotl.com. We will respond to verified requests within 30 days. We may need to verify your identity before processing your request.

Section 9

Cookies

We use cookies and similar tracking technologies on our website to enable core functionality and improve the user experience. We do not use advertising or tracking cookies.

  • Essential Cookies: These cookies are necessary for the website to function and cannot be disabled. They include session management cookies, security tokens, and authentication state cookies. No personal data is transmitted to third parties via these cookies.
  • Analytics Cookies (Optional): We use anonymized analytics cookies to understand how visitors use our website, which pages are most visited, and where users encounter difficulties. Analytics data is fully anonymized and cannot be used to identify individual users. You may disable these cookies in your browser settings without affecting core functionality.

We do not use advertising cookies, behavioral tracking cookies, or cookies that share your data with social media platforms or ad networks. If you see third-party cookie consent prompts on other sites about GetBotl, those are not from us.

Section 10

Children's Privacy

GetBotl is strictly an adults-only service. Our platform is designed exclusively for users who are 21 years of age or older, and we enforce this requirement through mandatory identity verification.

We do not knowingly collect personal information from anyone under the age of 21. If we discover that we have inadvertently collected personal information from a minor, we will immediately:

  • Permanently delete all personal information associated with that individual
  • Terminate the associated account
  • Report the incident to applicable authorities where required by law

If you are a parent or guardian and believe your child has created a GetBotl account, please contact us immediately at privacy@getbotl.com.

Section 11

Security

We implement industry-standard and beyond-standard security measures to protect your personal information against unauthorized access, disclosure, alteration, and destruction.

  • 🛡AES-256 encryption for all personal data stored at rest
  • 🛡TLS 1.3 encryption for all data transmitted between your device and our servers
  • 🛡SOC 2 Type II compliance in progress — we are currently completing our SOC 2 audit
  • 🛡Regular third-party security audits and penetration testing
  • 🛡PCI DSS compliance managed through our Stripe integration — we never handle raw card data
  • 🛡Role-based access controls limiting employee access to personal data on a need-to-know basis

No security system is completely impenetrable. If we become aware of a data breach that affects your personal information, we will notify you and applicable regulatory authorities in accordance with applicable law.

Section 12

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Notify you by email to the address associated with your account
  • Display a prominent in-app notification
  • Post the updated policy on our website with the revised "Last Updated" date

Material changes will not take effect until at least 14 days after notification, giving you time to review the changes and, if you disagree, close your account. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated policy.

Section 13

Contact

If you have questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please contact our Privacy team:

GetBotl Privacy Team

Email: privacy@getbotl.com

GetBotl Inc.

New York City, NY

We are committed to resolving privacy concerns promptly and will respond to all inquiries within 30 days of receipt.